1 Video for postMessage() IV

PRO
Tier
difficulty_medium_icon
Medium
clock icon
< 1 Hr.
number of users completed icon
942
badge icon
Orange Badge
image of exercise postMessage() IV: Exploitation
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
postMessage() IV: Exploitation

In this video, we cover the exploitation of postMessage IV. We demonstrate how to share secrets without having the CSRF token by leveraging the victim's session and crafting a JavaScript exploit.

video duration icon05:32 number of views icon1382